Tanium exposed hospital’s IT while using its network in sales demos

Information security company Tanium is a relatively well-established “next-generation” cybersecurity vendor that was founded 10 years ago—far ahead of the wave of the venture capital-funded newcomers, like Cylance, who have changed the security software space. (Tanium has reached a market valuation of more than $3 billion, though there are no indications of when it will make an initial public offering.)

Starting in 2012, Tanium apparently had a secret weapon to help it compete with the wave of newcomers, which the company’s executives used in sales demonstrations: a live customer network they could tap into for product demonstrations.There was just one problem: the customer didn’t know that Tanium was using its network. And since the customer was a hospital, the Tanium demos—which numbered in the hundreds between 2012 and 2015, according to a Wall Street Journal report—exposed live, sensitive information about the hospital’s IT systems. Until recently, some of that data was shown in publicly posted videos.

In 2010, Tanium’s software was installed at Allscripts Healthcare Solutions’ El Camino Hospital (which markets itself as “the hospital of Silicon Valley”) in Santa Clara County, California. The hospital no longer has a relationship with Tanium. While Tanium did not have access to patient data, the demos showed desktop and server management details that were not anonymized.

“The hospital did not authorize desktop management data or other information to be used in any product demonstration and was not previously aware of these demonstrations or videos,” El Camino Hospital told the Journal‘s Rolfe Winkler. “We are dismayed to learn that desktop and server management information was shared. We are thoroughly investigating this matter and take our responsibility to maintain the integrity of our systems very seriously.”

Tanium promises “15-second visibility and control over any endpoint” on a corporate network. Its technology, which uses agents running on Windows, Mac OS, and Unix servers and workstations, gives direct access to system information, allowing administrators to run live queries against systems to find out what’s running on them and to identify potential security vulnerabilities and discover and eliminate possible breaches. In the demos and the videos, Tanium executives—including Tanium CEO Orion Hindawi—reportedly used a live view into El Camino Hospital’s systems to demonstrate the power of the software.

When Tanium suddenly lost access to El Camino’s network in 2015, Hindawi instructed employees to stop trying to log in to the hospital’s network, the Journal reports. The company then offered a bonus to any employee who could find a customer willing to be used as a demonstration host.